9.1
CVE-2024-12378
- EPSS 0.17%
- Veröffentlicht 08.05.2025 19:15:57
- Zuletzt bearbeitet 15.04.2026 00:35:42
- Quelle psirt@arista.com
- CVE-Watchlists
- Unerledigt
On affected platforms running Arista EOS with secure Vxlan configured, restarting the Tunnelsec agent will result in packets being sent over the secure Vxlan tunnels in the clear.
On affected platforms running Arista EOS with secure Vxlan configured, restarting the Tunnelsec agent will result in packets being sent over the secure Vxlan tunnels in the clear.
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerArista Networks
≫
Produkt
CloudVision Portal
Default Statusunaffected
Version <=
4.32.2F
Version
4.32.0
Status
affected
Version <=
4.31.6M
Version
4.31.0
Status
affected
Version <=
4.30.8M
Version
4.30.0
Status
affected
Version <=
4.29.9M
Version
4.29.0
Status
affected
Version <=
4.28.12M
Version
4.28.0
Status
affected
Version <=
4.27.12M
Version
4.27.0
Status
affected
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.17% | 0.377 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| psirt@arista.com | 9.1 | 3.9 | 5.2 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
|
CWE-319 Cleartext Transmission of Sensitive Information
The product transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.